We have a in-house developed WAF protecting our OWA (activesync) webserver, and part of its function requires long-lived Cookies on the "browsers". We're trying to get it to support iPhones via the "Mail" app (Safari works fine), but we've run into a problem
I was testing on an iPhone that was running 4.0 and it all worked fine. First time it connected, it was given a Cookie via Set-Cookie and every time it came back, it sent the cookie. However, after upgrading it to iOS 4.2.1 (latest release), it no long sends (or listens for) Cookies!
Moving the WAF down from HTTPS to HTTP allowed me to confirm with a sniffer. The Mail app first does a "POST", gets redirected to our cookie-generator page, is pushed a cookie and then redirected back - but it never sends the cookie. However, I do see this "X-Apple-Bad-Iphone-No-Cookie: True" header...
I've Googled for it - no luck. It sort of shouts out Apple has some kind of issue with Cookies?
Anyone got any ideas what's that about?
